package com.itheima.project.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @author jiangxun
 */
@Configuration
public class SecurityConfig {
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {

        http.formLogin()
                //自定义自己编写的登陆页面
                .loginPage("/login.html")
                //登录页面设置
                .loginProcessingUrl("/login")
                //登录访问路径
                .permitAll()
                //登录页和登录访问路径无需登录也可以访问
                .and()
                .authorizeRequests()
                .antMatchers("/css/**", "/images/**").permitAll()
                .antMatchers("/hello/user").hasRole("USER")
                .antMatchers("/hello/admin").hasAnyRole("ADMIN")
                .anyRequest().authenticated()
                .and()
                .csrf().disable();
                //关闭csrf防护
        return http.build();
    }

    /**
     * 基于内存模型实现认证
     * BCrypt密码加密
     *
     * @return
     */

    @Bean
    PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

}
/*
    // 更新代码
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {

        http.formLogin()
                //自定义自己编写的登陆页面
                .loginPage("/login.html")
                //登录页面设置
                .loginProcessingUrl("/login")
                //登录访问路径
                .permitAll()
                //登录页和登录访问路径无需登录也可以访问
                .and()
                .authorizeRequests()
                .antMatchers("/css/**", "/images/**").permitAll()
                .anyRequest().authenticated()
                .and()
                .csrf().disable();
        //关闭csrf防护
        return http.build();
    }*/


/*
    // 基于内存模型实现认证
    //该实现类放service包下
    @Bean
    public UserDetailsService users() {
        UserDetails user = User.builder()
                .username("user")
                .password("$2a$10$ODTyhKD7XpJLDiwLvr8.CuyhHt/9h6GOcpYptizFFwsFvWPE3hyJ2")
                .roles("USER")
                .build();
        UserDetails admin = User.builder()
                .username("admin")
                .password("$2a$10$1jHD5J86b1Bxeh2ytQFj4OEuyJ9U1RkpyigxRlnb1VebsZHYM3oLi")
                .roles("USER", "ADMIN")
                .build();
        return new InMemoryUserDetailsManager(user, admin);
    }
    */

   /*
   //NoOpPasswordEncoder.getInstance() 密码不加密的方式
   @Bean
    PasswordEncoder passwordEncoder() {
        return NoOpPasswordEncoder.getInstance();
        //'org.springframework.security.crypto.password.NoOpPasswordEncoder' 已经过时了
        //先使用测试，后注释
    }

    @Bean
    public UserDetailsService users() {
        UserDetails user = User.builder()
                .username("user")
                .password("123456")
                .roles("USER")
                .build();
        UserDetails admin = User.builder()
                .username("admin")
                .password("112233")
                .roles("USER", "ADMIN")
                .build();
        return new InMemoryUserDetailsManager(user, admin);
    }*/
